UnitedHealth Questioned On Potential Patient Data Leaked in Cyberattack
As UnitedHealth begins a staged processing of $14B in claims backlog, a lawmaker wants to know exactly which Medicare records and other patient data were compromised in the breach.

UnitedHealth Group (UHG) is facing questions from a lawmaker over the types of patient data, including Medicare records, that were compromised during the February 21 cyberattack at its Change Healthcare unit.
On March 25, Rep. Jamie Raskin (D-MD), ranking member of the House Oversight Committee, sent a letter to UHG head Andrew Witty asking 12 questions about the breach and its impact on patients and others. This latest move follows others from lawmakers seeking to know more about the breach and the response to it from UHG as well as the Health and Human Services agency.
Noting that Change Healthcare reportedly handles medical records for one in three U.S. patients and provides services to others, Raskin highlights in the letter the "significant and far-reaching" consequences of the unit's prolonged outage. He asked for UHG to respond to the letter by April 8.

Sign up for Kiplinger’s Free E-Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
Questions asked include ones about the types of information, including types of personally identifiable information and protected health information, that were compromised in the attack.
UHG is also asked to specify the scope of records from Medicare, Medicaid and Tricare beneficiaries that were compromised.
UHG did not immediately respond to a Kiplinger request for comment.
In a recent website update, UnitedHealth said said it has begun to process its claims backlog and that more than $14 billion in claims should “start flowing soon.” The insurer previously said that about 99% of Change Healthcare’s pharmacy network services were restored on March 7 and its electronic payments were restored on March 15.
Even so, the impact of the breach continues to be felt across the healthcare system, according to a number of healthcare professionals and organizations.
Tricare, which provides prescriptions to military clinics and hospitals worldwide, continues to say on its website that military clinics and hospitals are providing ongoing prescriptions through manual procedures until the Change Healthcare issue is resolved. Tricare also continues to direct beneficiaries to reach out to their specific pharmacy, clinic or hospital for local updates.
Growing data breaches in healthcare
As Raskin noted in his letter, about 725 data breaches were reported within the U.S. healthcare system last year. This is a 162% increase in the last decade, he said.
"The rising number of cyberattacks against the U.S. healthcare system, especially against an actor that holds outsized influence on the market, poses a clear and present threat to national security and public health," the lawmaker said in the letter.
Examples of cyberattacks in the last year resulting in massive data breaches include mail order prescription firm Truepill's data breach that exposed data of 2.3 million patients last November, as well as Medicare's data breach in July that exposed the personal information of more than 600,000 Medicare beneficiaries and millions of other healthcare consumers.
For help during this time, Tricare directs users to check its patient portal for outages for updates and information such as how to refill and check the status of your prescriptions at military pharmacies.
Related Content
Get Kiplinger Today newsletter — free
Profit and prosper with the best of Kiplinger's advice on investing, taxes, retirement, personal finance and much more. Delivered daily. Enter your email in the box and click Sign Me Up.

Joey Solitro is a freelance financial journalist at Kiplinger with more than a decade of experience. A longtime equity analyst, Joey has covered a range of industries for media outlets including The Motley Fool, Seeking Alpha, Market Realist, and TipRanks. Joey holds a bachelor's degree in business administration.
-
Time to Spring-Clean Your Finances: A Financial Professional's Four Steps to Tidy Them Up
A midyear review of everything from spending to saving, with adjustments as needed, can set you on track to financial security. Plus, don't forget to check in on your workplace benefits.
-
Why a Law Firm Secretly Recording Client Conversations Is Wrong (and Illegal)
A law firm that has been recording client conversations without the clients' knowledge or permission and has threatened employees if they speak out faces legal and ethical challenges.
-
Is Your Social Security Earnings Record Wrong? Here's How to Fix It
Your Social Security benefits are based on your Social Security earnings record. It's important to review your records to avoid having your benefits reduced.
-
Eight Ways To Save on Your Next Luxury Trip
Looking for ways to stretch your retirement dollars? Follow these tips to get a deal on your next vacation.
-
Donating Complex Assets Doesn't Have to Be Complicated
If you're looking to donate less-conventional assets but don't know where to start, this charity executive has answers, such as considering a donor-advised fund (DAF) for its tax benefits and ease of use.
-
Think a Repeal of the Estate Tax Wouldn't Affect You? Wrong
The wording of any law that repeals or otherwise changes the federal estate tax could have an impact on all of us. Here's what you need to know, courtesy of an estate planning and tax attorney.
-
In Your 50s? We Need to Talk About Long-Term Care
Many people don't like thinking about long-term care, but most people will need it. This financial professional recommends planning for these costs as early as possible to avoid stress later.
-
How to Budget for College Expenses Beyond Tuition
Some universities waive tuition for families with incomes below a certain threshold. But you'll still need a plan to cover other costs.